Cyber Security

Has the White House's cybersecurity Plan Been Effective

Posted on May 20, 2015

Following a series of high-profile cyberattacks on large U.S. businesses in 2013, President Barack Obama released an official plan for addressing and improving digital security in the country. The New York Times noted that it had raised public and private interest in the vulnerabilities of servers when it was hacked in 2013. Following research and reporting related to the issue, The Times also found that many other U.S. companies had not only recently been targeted by hackers but that many of the attacks came from the same group - a Chinese cyberwarfare division.

The plan The Obama administration issued an official report in 2013 that outlined some of the current cybersecurity issues of the time, along with presenting the five areas of focus for developing stronger security practices. The five points put forth in the report are diplomatic efforts to reduce cybercrime, the promotion of voluntary best practices, enhancing law enforcement efforts, improving legislation and increasing public knowledge and outreach efforts for stakeholders.

There's little doubt the administration has put plenty of resources toward developing public knowledge and improving outreach. President Obama has been an outspoken public advocate of increased awareness in the field, appearing at events to discuss cybersecurity and advocating for legislation as well. Similarly, many companies are now using stronger, more robust cybersecurity measures to protect their own interests.

"Issues within the original scope of the report - foreign attacks and the illegal acquisition of trade secrets - remain a problem."

Areas that need improvement The Times spoke with with James A. Lewis, a cybersecurity authority who works at Washington, D.C.'s Center for Strategic and International Studies, about the administration's successes and failures related to the plan. While some areas have seen progress, there are still plenty of issues specifically around foreign attacks on U.S. government and private business servers.

"There hasn't been any change," Lewis told The Times. "There's a lot more we can do. But we haven't reached our pain point for taking more drastic steps on cyberespionage, and the Chinese haven't reached their pain point for stopping it."

While there has been increased attention as of late related to the more general concept of cybersecurity, issues within the original scope of the report - foreign attacks and the illegal acquisition of trade secrets - remain a problem. One issue with foreign cyberespionage specifically is the lack of U.S. jurisdiction in other countries. The Times highlighted the indictment of five Chinese citizens in 2014, but also noted that the action was largely symbolic. Unless foreign governments cooperate with their American counterpart, it's extremely difficult for U.S. authorities to successfully prosecute hackers from other countries.

A broadening of scope It's interesting to note that the report, officially titled "Administration Strategy of Mitigating the Theft of U.S. Trade Secrets" was focused specifically on trade secrets and mostly discussed hacking in terms of protecting such highly sensitive information. Of course, the current atmosphere around cybersecurity issues has extended beyond trade secrets to include all of the data stored in business servers, including financial data and personal information about both staff and customers. The current pair of cybersecurity bills working their way through the legislative process and endorsed by the Obama administration reflect this broader spectrum.

Going forward Despite the significant level of additional effort put forth by the federal government since 2013, the onus is still on individual businesses to do much of the work of protecting their own sensitive data. Increased legal protections and awareness-raising efforts are probable in the future, but organizations have to take a proactive role in securing their own servers and defending against malicious attacks originating domestically and abroad.

Blog Categories

Thank You!

Thanks for contacting NC4! A member of our team will be in touch with you shortly.

Contact Us

First Name*

Last Name*

Email*

Phone*

Company Name*

Job Title

Comments

Which of our solutions are you interested in?*

Cyber Threat Intelligence

Emergency Management

Law Enforcement

Risk Management

Other

Please check this box to consent to NC4’s use of your information in accordance with our Privacy Policy*.

About

NC4® delivers safety and security solutions for both business and government organizations.
We revolutionize how organizations and communities collect, manage, share, and disseminate
information to reduce cyber threats, fight crime, mitigate risks, and manage incidents. NC4 also
provides cyber threat sharing solutions both through secure collaboration services and through automated, structured, and standardized mechanisms.

Cookies on the NC4 website

Please note that in order to improve your browsing experience, this website uses cookies that will store information on your device. By continuing to use our website and/or clicking Continue, you are agreeing to our use of cookies in accordance with our Privacy Policy.